This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
A mobile ad hoc network play important role in wireless communication, there are various applications in military, tactical and other security-sensitive operation depend on adhoc networks which require security. Unlike wired networks, adhoc networks has several unique characteristics like highly dynamic nature, P2P architecture, Bandwidth constrained and variable capacity links, Energy-constrained operation, Shared Wireless medium etc... which pose some security issues.
In this paper I will discuss some security Issues, goal of secure routing protocols & attacks which affect reliability, throughput of MANET routing protocols.
Keywords- MANET, Routing Protocols, security, attacks, security Issues, survey
This MANET , , - is the new emerging technology which enables users to communicate without any physical infrastructure regardless of their geographical location, that's why it is sometimes referred to as an "infrastructure less" network. The proliferation of cheaper, small and more powerful devices make MANET a fastest growing network. An adhoc network is self organizing and adaptive. Device in mobile ad hoc network should be able to detect the presence of other devices and perform necessary set up to facilitate communication and sharing of data and service. Ad hoc networking allows the devices to maintain connections to the network as well as easily adding and removing devices to and from the network. The set of applications for MANETs is diverse, ranging from large-scale, mobile, highly dynamic networks, to small, static networks that are constrained by power sources. Besides the legacy applications that move from traditional infrastructure environment into the ad hoc context, a great deal of new services can and will be generated for the new environment. It includes:
1. Sensor Networks
2. Military Battlefield
3. Medical Service
4. Personal Area Network etc...
Security solutions are important issues for MANET, especially for those selecting sensitive applications, have to meet the following design goals while addressing the above challenges. MANET is more vulnerable than wired network due to mobile nodes, threats from compromised centralized management. Because of these vulnerabilities, MANET is more prone to malicious attacks. The primary focus of this paper is to provide survey on various types of attacks that affect the MANET behaviour due to any reason, goals & challenges in designing secure routing protocol for it.
Security issues in manet
Routing in mobile ad hoc networks is gripped with additional problems and challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well known protocols in the literature that have been specifically developed to cope with the limitations imposed by adhoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates . Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of ad hoc networks, namely the table-driven [proactive] and the on-demand [reactive] approaches.
Before proceeding to security issue let's see some basic difference between these approaches. Table 2.1 list some of the basic differences between the two categories of MANETs Routing Protocols .
table- driven vs. on-demand Routing protocol
Require Higher storage for all node routes detail
Dependant on no. of routes maintained or needed
Periodic Route Updates
Approx. 100 nodes
Keep till route required
Here is hierarchy of some popular protocols in these categories.
Fig. 1 Example of an unacceptable low-resolution image
This basic MANET protocols has some vulnerability. Particular system may be vulnerable to unauthorized access & data manipulation because the system does not verify a user's identity before allowing data access , . MANET has more security holes than wired network. Some of the vulnerabilities are as follows :-
Lack of centralized management
MANET doesn't have a centralized monitor server. The absence of management makes the detection of attacks difficult because it is not east to monitor the traffic in a highly dynamic and large scale adhoc network. Lack of centralized management will impede trust management for nodes.
Resource availability is a major issue in MANET. Providing secure communication in such changing environment as well as protection against specific threats and attacks, leads to development of various security schemes and architectures. Collaborative adhoc environments also allow implementation of self organized security mechanism.
Due to mobility of nodes, scale of adhoc network changing all the time. So scalability is a major issue concerning security. Security mechanism should be capable of handling a large network as well as small ones.
Routing algorithm for MANET usually assume that nodes are cooperative and non-malicious. As a result a malicious attacker can easily become an important routing agent and disrupt network operation by disobeying the protocol specifications.
Dynamic topology and changeable nodes membership may disturb the trust relationship among nodes. The trust may also be disturbed if some nodes are detected as compromised. This dynamic behaviour could be better protected with distributed and adaptive security mechanisms.
Limited Power Supply
The nodes in mobile adhoc network need to consider restricted power supply, which will cause several problems. A node in mobile adhoc network may behave in a selfish manner when it is find that there is only limited power supply.
Security aspiration in manet
Nowadays wired & wireless networks widely used for communication. Governments & commercials application widely transfer from wired to wireless to transmit their information, so security is very important for such kind of application. In MANET, all networking functions such as routing and packet forwarding, are performed by nodes themselves in a self organizing manner. For these reasons, securing a mobile adhoc network is very challenging. The goals to evaluate if mobile adhoc network is secure or not are as follow :
Availability means the assets are accessible to authorized parties at appropriate times. Availability applies both to data and to services. It ensures the survivability of network service despite denial of service attack.
Confidentiality ensures that computer-related assets are accessed only by authorized parties. That is only those who should have access to something will actually get that access. To maintain confidentiality of some confidential information, we need to keep them secret from all entities that do not have privilege to access them. Confidentiality is sometimes called secrecy or privacy .
Integrity means that assets can be modified only by authorized parties or only in authorized way. Modification includes writing, changing status, deleting and creating. Integrity assures that a message being transferred is never corrupted.
Authentication enables a node to ensure the identity of peer node it is communicating with. Authentication is essentially assurance that participants in communication are authenticated and not impersonators. Authenticity is ensured because only the legitimate sender can produce a message that will decrypt properly with the shared key.
Non-repudiation ensures that sender and receiver of a message cannot disavow that they have ever sent or received such a message .This is helpful when we need to discriminate if a node with some undesired function is compromised or not.
Anonymity means all information that can be used to identify owner or current user of node should default be kept private and not be distributed by node itself or the system software.
Attacks using Fabrication
In this type of attack newly generated false messages used. These types of attacks are very difficult to detect.
types of security attacks in manet
Security of communication in MANET is important for secure transmission of information.Absence of any central co-ordination mechanism and shared wireless medium makes MANET more vulnerable to digital/cyber attacks than wired network there are a number of attacks that affect MANET. Understanding various types of attacks is most essential step to develop secure MANET routing protocols. Attacks are classified mainly in two types:
Fig. 2 Basic Types of Attacks
In this type of attacks attacker (malicious) node(s) may modify data or use fabricated message to attack in network. This type of attacks may try to disturb proper working of adhoc network. This type of attacks can be internal or external .
In internal type of attacks malicious (attacker) nodes are part of network itself so it will hard to identify whereas external type of attacks malicious (attacker) node(s) doesn't belong to attacking network.
So both type of active attack perform impersonation, fabrication, modification, replication type of actions.
In this type of attacks attacker (malicious) node(s) doesn't modified data or use fabricated message to attack in network. They just seat silent and snoop data from ongoing communication in network. This type of attacks doesn't disturb proper working of adhoc network so very hard to detect.
Below are some descriptions of Active type of attacks:
Black hole Attack
In this type of attack attacker node(s) sending false message to all or route requested node, which say it has shortest path to destination node. So all or requested node update its routing table & send data toward attacker (malicious) node(s). Malicious node(s) may drop all coming packet & forward to unintended node which tend to retransmission of data again & again which waste valuable resources.
Fig. 3 Black hole Attack
As shown in figure S is source node, D is destination node & M work as malicious (Attacker) node which generate black hole effect.
Here when node S flood Route request for node D, node M send fake Route Reply with shortest path to node D toward it. So node S send data to node M & node M mostly drop packets.
Worm hole Attack
In this type of attack attacker(s) make tunnel between them & grub data, pass it from tunnel & replay it at other end which disturb routing.
Fig. 4 Worm hole Attack
In DSR, AODV this type of attack could prevent discovery of any routes and may create a wormhole even for packet not address to itself because of broadcasting . Wormhole are hard to detect & do damage to network.
Gray hole Attack
In this type of attack attacker node(s) involve in data transmission path & then it will drop data packet on certain probability like packet intended for specific node or drop packets at certain time interval or every nth packet or at specific time of the day or some portion of packet. It is very hard to detect because it attack with probability so data forwarded by it in network, so hard to identify it.
Fig. 5 Gray hole Attack
As shown in figure node S send data to node D. Node M which works as Malicious node & it's in data transmission path which drop packet base on certain probability.
Location disclosure Attack 
This type of attack is a part of the information disclosure attack. The malicious node(s) leaks information regarding the location or the structure of the network and uses the location information for further attack. It gathers the node location information such as a route map and knows which nodes are situated on the target route. Traffic analysis is one of the unsolved security attacks against MANETs.
Fig. 6 Location disclosure Attack
As shown in figure node M1 collect all topology information & either disclose it with other malicious node M2 or use it for attack on any node like M1 send fake Message to S.
In this type of attack attacker (malicious) node(s) broadcast false packets or ghost packets which has wrong routing information & drain valuable resource like battery, processing power, bandwidth. It led to increase traffic in network & keeping node busy which reduce network performance.
Fig. 7 Flooding Attack
As shown in figure node M flood fake packet in network & interrupt communication.
Denial of Service attack
This type of attack has similarity with Flooding type of attacks. This type of attack is any event that diminishes or eliminates a network's capacity to perform its expected function. These attacks are launched against server resources or network bandwidth by preventing authorized users from accessing resources. For example, an attack may target a system by exhausting limited wireless resources such as bandwidth, storage space, battery power, CPU, or system memory. Networks and applications can be attacked by modifying routing information or changing system configuration, thereby directly attacking data integrity .
In this type of attacker node(s) record others data & reply that information later when need. Due to this type of attack network topology can't determine exactly & attacker tries to impersonate other nodes identity.
Selfish Nodes attack
In this type of attack a node doesn't harm to other in network but these type of malicious node use network for own purpose but doesn't involve in transmission for other nodes. By doing so they save their resource like battery, computation power & for own purpose thy use other node resources.
In this type of attack attacker node(s) divert all data packet traffic between sender & receiver node through itself. In many case it impersonate as receiver for sender & as sender for receiver.
Fig. 8 Man-in-the-Middle Attack
As shown in figure data transmission going on between nose S to node D. Malicious node M Divert all packet through it by Sending fake reply messages.
Impersonation attack/ Identity Spoofing
In this type of attack malicious node(s) use other nodes identity like IP or MAC address for attack.
In this type of attack malicious nodes generate fake message in network. These type of attack is difficult to identify as they come from valid routing format.
In this type of attack malicious node act as several different nodes with their identities rather its own identity .This allows it to forge the result of a voting used for threshold security methods .
In this type of attack An adversary node which receives a Route Request packet from the source node floods the packet quickly throughout the network before other nodes which also receive the same Route Request packet can react. Nodes that receive the legitimate Route Request packets assume those packets to be duplicates of the packet already received through the adversary node and hence discard those packets. Any route discovered by the source node would contain the adversary node as one of the intermediate nodes. Hence, the source node would not be able to find secure routes, that is, routes that do not include the adversary node. It is extremely difficult to detect such attacks in ad hoc wireless networks. On demand routing protocols that use duplicate suppression during the route discovery process are vulnerable to this attack .
Routing Table/ Cache Poisoning
In this kind of attack, malicious nodes in the networks send fictitious routing updates or modify genuine route update packets that are sent to other uncompromised nodes. Routing table poisoning may result in sub-optimal routing, congestion in portions of the network, or even make some parts of the network inaccessible .
Routing Table Overflow Attack
In this type of attack malicious node(s) tries to create routes to nonexistent nodes to the authorized nodes present in the network. It can simply send excessive route advertisements to overflow the target system's routing table. The goal is to have enough routes so that creation of new routes is prevented or the implementation of routing protocol is overwhelmed. These type of attack generally affect proactive type of routing protocols.
Here is some description of Passive type of attacks
Traffic Monitoring & Analysis
In this type of attack adversaries monitor packet transmission to infer important information such as a source, destination, and source-destination pair, analyze that information & it will use for different attacks .
Eavesdropping is another kind of attack that usually happens in the mobile ad hoc networks. Transmission in adhoc networks use share wireless medium & in broadcasting manner. All node in range can hear transmission without any extra efforts. This type of attack aims to obtain some confidential information that should be kept secret during the communication. The information may include the location, public key, private key or even passwords of the nodes. Because such data are very important to the security state of the nodes, they should be kept away from the unauthorized access.
In this type of attack an attacker may repeatedly make new connection request until the resources required by each connection are exhausted or reach a maximum limit. It produces severe resource constraints for legitimate nodes. This attack is like denial of service type.
Nowadays wireless technology widely use as communication medium, adhoc network is part of wireless network. Many applications require high security for data transmission.
In this paper I represent some security issues in MANET basic routing protocols & security aspiration aspect from good routing protocol. We also discuss various attacks which show vulnerability of adhoc network. So there is need to develop secure adhoc network protocols which give protection from almost all type of known & unknown attacks. There are many secure routing protocol proposed by many researchers but still there are lot of invention remain..